Samin061 opened a new pull request, #5100:
URL: https://github.com/apache/calcite/pull/5100
## Jira Link
Not filed yet; glad to open a CALCITE issue for tracking if you prefer one.
## Changes Proposed
`ST_GeomFromGML` hands the GML text straight to `SpatialTypeUtils.fromGml`,
which parses it with JTS `GMLReader`. That reader builds a SAX parser from the
JAXP defaults, so DOCTYPE declarations and external entities are resolved. The
GML argument is ordinary untrusted data (a literal, parameter, or row value),
so a document like `<!DOCTYPE p [ <!ENTITY x SYSTEM "file:///etc/passwd"> ]>`
referenced from `<gml:coordinates>` reads a local file, and an external-DTD
reference makes the parser open an outbound connection, giving both file
disclosure and SSRF (XXE). The XML functions in `XmlFunctions` were already
hardened against this, but the spatial path slipped through because JTS
constructs its own parser instead of reusing that configuration. I noticed it
while checking which readers under `runtime` touch untrusted XML. The fix
builds the SAX parser inside `fromGml` with `FEATURE_SECURE_PROCESSING` and
`disallow-doctype-decl` and drives JTS `GMLHandler` directly, matching the exist
ing hardening; valid GML parses exactly as before, and the added test confirms
a document carrying a DOCTYPE is rejected.
Repro (with `fun=spatial`):
```sql
SELECT ST_GeomFromGML(
'<?xml version="1.0"?>
<!DOCTYPE Point [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]>
<gml:Point
xmlns:gml="http://www.opengis.net/gml"><gml:coordinates>&xxe;</gml:coordinates></gml:Point>');
```
`./gradlew :core:test` (SpatialTypeUtilsTest, CoreQuidemTest), checkstyle,
autostyle and forbiddenApis pass locally.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]